Monitoring User Management in HCL Domino with SecurTrac


When an administrator performs “User Management” in HCL Domino, are there any default tools and features in HCL Domino which allows an organization for the purposes of compliance, the ability to provide an audit trail detailing all related events that were executed for any user management related tasks? With corporate governance and regulatory compliance being more prominent in companies, is yours able to account for each administrator’s actions while performing user management tasks? If an audit was to be performed in your HCL Domino environment, are you able to provide detailed logging of administrator activity related to user management?

Before answering that important question, let’s first take an in-depth look at the associated actions that may need to occur while an administrator executes a user management related task.

HCL Domino - User Management Action Types
Related Actions

User Creation
    • New Person document created
    • New USER ID file generated
    • New User added to Group(s)
    • Assign Notes/Internet password
    • New Mail database created

User Modification
    • Name changes requiring updated Person/Group documents and ACL updates.
    • Update to Internet Password in Person document

User Deletion
    • Delete Person document
    • Remove all Domino Directory group memberships
    • Delete user from all database ACLs
    • Add deleted user to Termination/Deny Access groups
    • Delete user mail database from the Domino server.

After having reviewed the above related actions associated with the various stages of user management, let’s circle back to the very important question that we posed earlier:

Q. If an audit was to be performed in your HCL Domino environment, are you able to provide detailed logging of administrator activity related to user management?

A. The reality is that HCL Domino does not include any built-in tools and features that track all related events in relation to user management tasks. That being said, your organization may end up failing a corporate governance or regulatory compliance audit, unless you are using 3rd Party tools, like Extracomm’s SecurTrac for HCL Domino.

Extracomm’s SecurTrac for HCL Domino fills the void and provides detailed audit trail logging of what exactly the Domino Administrator does while executing “User Management” tasks. With SecurTrac installed on an HCL Domino server, you can monitor user management tasks as follows:

SecurTrac Monitor
Capture and log event details related to these actions:
Domino Directory Monitor
    • Person Document created/updated/deleted
    • User entry created/updated/deleted in Domino Directory Group(s) including Termination – Deny Access groups.
Database Monitor
    • User entry created/updated/deleted in Database application ACLs
    • Monitor when Notes User IDs are added/updated/deleted in the Domino ID Vault
    • Monitor Mail database deletion request approvals in the Administration Requests database.
Mail Monitor
    • User entry created/updated/deleted in Mail Database ACL
Intrusion Detection Monitor
    • Monitor creation of user Mail Databases

To learn more about how SecurTrac can help monitor user management activities within an HCL Domino environment, as described in this document, be sure to watch this SecurTrac tutorial:



Please visit http://www.extracomm.com/SecurTrac/ for more product information and get access to additional SecurTrac product tutorials that are available on the Extracomm YouTube channel.